Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ab0phrYNT1xYyi6E-E4JpdL0l3s.roa
File: Ab0phrYNT1xYyi6E-E4JpdL0l3s.roa (raw, json)
Hash identifier: g4tg7M9D9yueOJvN0pvVximfOMyjV+/Lemxe5yAViXQ=
Subject key identifier: 01:BD:29:86:B6:0D:4F:5C:58:CA:2E:84:F8:4E:09:A5:D2:F4:97:7B
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194979D767F2C67FFC39E4FD5D1F2E491E7
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ab0phrYNT1xYyi6E-E4JpdL0l3s.roa
Signing time: Fri 24 Jan 2025 09:21:06 +0000
ROA not before: Fri 24 Jan 2025 09:21:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.22.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.212.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.219.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:97:9d:76:7f:2c:67:ff:c3:9e:4f:d5:d1:f2:e4:91:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 24 09:21:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01bd2986b60d4f5c58ca2e84f84e09a5d2f4977b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7c:d5:70:b9:22:20:be:41:83:10:fb:18:f6:
d8:c4:67:b3:ce:71:55:fc:32:1e:9b:f0:39:1d:82:
72:a1:c6:0f:ea:75:66:3c:66:00:1b:c2:11:43:5d:
ad:bd:0b:b1:f3:93:30:12:34:6d:31:7d:42:67:bc:
5f:8b:9f:a0:68:f8:43:fa:75:df:50:f1:a3:ee:1c:
99:4e:d8:c8:ea:27:2e:6d:e9:10:dd:b1:3b:9d:71:
cc:fc:13:48:68:4c:a5:e5:65:84:48:96:1c:82:ff:
ad:45:22:97:3c:24:1e:7f:ab:08:d1:3e:8b:8e:07:
9f:99:ea:95:f6:97:6e:dc:53:21:76:10:af:69:d5:
30:a1:20:5b:16:c6:1c:01:5f:0a:36:1b:cd:4d:ef:
0e:cd:55:a7:9a:14:bd:f0:f3:e0:c0:04:15:c6:d1:
0c:da:fe:b2:48:ab:e0:88:05:ef:5d:19:0e:34:25:
91:42:dc:5a:0c:ac:bf:c1:18:9d:d2:50:7b:42:f6:
ce:2c:90:2f:ed:29:42:f3:67:66:1d:72:2d:36:a7:
e1:b9:6a:e0:8a:29:76:25:76:e0:b6:fa:a6:76:26:
4b:dd:db:07:5f:b7:12:a6:a5:9c:47:2d:60:79:44:
f0:15:cd:80:fd:41:68:36:a2:86:73:80:56:35:86:
33:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:BD:29:86:B6:0D:4F:5C:58:CA:2E:84:F8:4E:09:A5:D2:F4:97:7B
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ab0phrYNT1xYyi6E-E4JpdL0l3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.22.0/24
163.5.30.0/24
163.5.59.0/24
163.5.73.0/24
163.5.111.0-163.5.113.255
163.5.118.0/23
163.5.121.0/24
163.5.128.0/23
163.5.138.0/23
163.5.143.0-163.5.144.255
163.5.146.0/24
163.5.151.0/24
163.5.158.0/24
163.5.160.0/24
163.5.167.0/24
163.5.170.0/24
163.5.173.0/24
163.5.175.0/24
163.5.178.0/23
163.5.182.0/24
163.5.189.0/24
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.212.0/24
163.5.218.0/23
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.247.0/24
163.5.250.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:b7:05:a6:df:b2:7f:07:80:4d:f0:9d:f1:1b:14:85:df:57:
f3:b2:05:65:a1:cd:c6:fd:c4:d4:cb:c6:df:f3:57:a0:cb:6f:
e5:0b:e6:84:e0:94:74:f5:a3:0f:ed:0c:95:8d:8e:d2:53:91:
f4:ca:ed:2c:1d:a5:c5:48:49:86:6b:5c:70:75:84:15:6d:84:
db:2c:7f:01:0c:9a:72:ce:41:6f:1a:a7:45:75:f3:4b:24:30:
06:7d:40:62:81:5d:a4:2c:74:f1:92:21:64:e1:b8:0d:49:a3:
bd:2e:84:55:a9:cf:91:74:7e:a8:dc:99:d5:62:4d:93:e2:01:
73:60:95:b6:54:7f:44:15:46:7f:62:da:72:a3:2d:da:ed:89:
8b:bf:13:be:1c:00:92:e3:63:bf:d3:2b:b5:bc:75:40:81:97:
4b:de:72:de:5b:a8:95:40:d7:56:ad:c6:2a:09:d6:1d:f1:99:
97:de:ef:91:ae:63:e8:08:a8:23:22:19:ca:08:32:62:62:31:
e0:49:5b:5b:50:48:e9:75:9e:47:57:d4:71:18:7d:86:ec:76:
80:7b:a2:33:30:f3:a6:6e:71:71:ed:c7:8b:43:62:8d:c5:31:
4b:11:7c:bc:4e:ce:f3:4e:22:50:b7:76:5c:10:72:10:81:6f:
9e:82:d2:e8
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAZSXnXZ/LGf/w55P1dHy5JHnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTI0MDkyMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWJkMjk4NmI2MGQ0ZjVjNThjYTJlODRmODRlMDlhNWQyZjQ5NzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHzVcLkiIL5BgxD7GPbYxGezznFV
/DIem/A5HYJyocYP6nVmPGYAG8IRQ12tvQux85MwEjRtMX1CZ7xfi5+gaPhD+nXf
UPGj7hyZTtjI6icubekQ3bE7nXHM/BNIaEyl5WWESJYcgv+tRSKXPCQef6sI0T6L
jgefmeqV9pdu3FMhdhCvadUwoSBbFsYcAV8KNhvNTe8OzVWnmhS98PPgwAQVxtEM
2v6ySKvgiAXvXRkONCWRQtxaDKy/wRid0lB7QvbOLJAv7SlC82dmHXItNqfhuWrg
iil2JXbgtvqmdiZL3dsHX7cSpqWcRy1geUTwFc2A/UFoNqKGc4BWNYYzpQIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFAG9KYa2DU9cWMouhPhOCaXS9Jd7MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQWIwcGhyWU5UMXhZeWk2RS1FNEpwZEwwbDNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAEwgdIDBACj
BRYDBACjBR4DBACjBTsDBACjBUkwDAMEAKMFbwMEAaMFcAMEAaMFdgMEAKMFeQME
AaMFgAMEAaMFijAMAwQAowWPAwQAowWQAwQAowWSAwQAowWXAwQAowWeAwQAowWg
AwQAowWnAwQAowWqAwQAowWtAwQAowWvAwQBowWyAwQAowW2AwQAowW9AwQAowW/
AwQBowXIMAwDBACjBcsDBACjBc4DBACjBdQDBAGjBdoDBACjBeADBACjBeQDBACj
BfEDBACjBfcDBACjBfowDQYJKoZIhvcNAQELBQADggEBAFq3Babfsn8HgE3wnfEb
FIXfV/OyBWWhzcb9xNTLxt/zV6DLb+UL5oTglHT1ow/tDJWNjtJTkfTK7SwdpcVI
SYZrXHB1hBVthNssfwEMmnLOQW8ap0V180skMAZ9QGKBXaQsdPGSIWThuA1Jo70u
hFWpz5F0fqjcmdViTZPiAXNglbZUf0QVRn9i2nKjLdrtiYu/E74cAJLjY7/TK7W8
dUCBl0vect5bqJVA11atxioJ1h3xmZfe75GuY+gIqCMiGcoIMmJiMeBJW1tQSOl1
nkdX1HEYfYbsdoB7ojMw86ZucXHtx4tDYo3FMUsRfLxOzvNOIlC3dlwQchCBb56C
0ug=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:10:44 2025 by rpki-client